LISTING OF AMENDED CLAIMS 

The listing of claims below replaces all prior versions and listings of claims. No 
current amendments are presented in this reply. 

Claim 1 (original) A method comprising: 
providing a user-defined data type; 

providing security information for the user-defined data type; 
storing data instances according to the user-defined data type; and 
associating the security information with the data instances. 

Claim 2 (original) The method of claim 1, wherein associating the security 
information comprises associating the security information with each individual data 
instance. 

Claim 3 (original) The method of claim 1, wherein associating the security 
information comprises associating an access list containing a list of identifiers of 
authorized entities. 

Claim 4 (original) The method of claim 1 , fiirther comprising: 

providing one or more functions to perform predetermined one or more 

tasks for the user-defined data type; and 

invoking the one or more functions to process data instances according to 

the user-defined data type. 
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Claim 5 (original) An article comprising at least one storage medium containing 
instructions executable in a database system, the instructions when executed causing the 
database system to: 

provide a first data type defining security information relating to access 

rights; 

store an instance of data according to the first data type in the database 

system; and 

associate the security information with the instance of data. 

Claim 6 (original) The article of claim 5, wherein the instructions when executed 
cause the database system to fiirther: 

receive a request to access the instance of data; and 

grant access to the instance of data based on the security information. 

Claim 7 (original) The article of claim 5, wherein the instructions when executed 
cause the database system to provide the first data type by providing a user-defined data 
type. 

Claim 8 (original) The article of claim 7, wherein the instructions when executed 
cause the database system to provide the user-defined data type by providing the user- 
defined data type in an object relational database system. 

Claim 9 (original) The article of claim 5, wherein the instructions when executed 
cause the database system to store the instance of data by storing the instance of data in 
an object relational database system. 

Claim 10 (original) The article of claim 5, wherein the instructions when executed 
cause the database system to fiirther associate one or more fiinctions with the instance of 
data, the one or more fiinctions to provide one or more predefined tasks. 
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Claim 1 1 (original) The article of claim 10, wherein the instructions when 
executed cause the database system to further invoke at least one of the functions to add 
an identifier of an authorized entity to the security information, the authorized entity 
being authorized to access the instance of data. 

Claim 12 (original) The article of claim 11, wherein the authorized entity 
comprises an authorized user. 

Claim 13 (original) The article of claim 11, wherein the security information 
comprises a list of identifiers of authorized entities. 

Claim 14 (original) The article of claim 11, wherein the instructions when 
executed cause the database system to further invoke another one of the secimty 
functions to remove an identifier firom the security information. 

Claim 15 (original) The article of claim 5, wherein the instructions when executed 
cause the database system to provide the first data type by providing the first data type 
defining one or more security functions to perform one or more predefined tasks. 

Claim 16 (original) The article of claim 15, wherein the instructions when 
executed cause the database system to fiirther provide a second data type built upon the 
first data type, the second data type inheriting the security information and one or more 
security functions of the first data type, wherein the second data type further defines one 
or more additional security functions. 
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Claim 17 (previously amended) A database system, comprising: 

one or more storage modules to store instances of data, each instance of 
data being accessed according to a first secure data type associated with security 
information; and 

a controller adapted to determine whether or not to grant access to one of 
the instances of data in response to a query based on whether the associated security 
information indicates that a source of the query has permission to access the one instance 
of data. 

Clahn 1 8 (original) The database system of claim 1 7, comprising an object 
relational database management system. 

Claim 19 (original) The database system of claim 17, wherein the first secure data 
type comprises a user-defined data type. 

Claim 20 (original) The database system of claim 1 7, the one or more storage 
modules to fiarther store instances of data according to a second secure data type. 

Claim 21 (original) The database system of claim 20, wherein the second secure 
data type is inherited firom the first secure data type. 

Claim 22 (original) The database system of claim 17, wherein each instance of 
data is fiirther associated with one or more methods defined by the first secure data type, 
and wherein the controller is adapted to invoke the one or more methods to process 
instances of data according to the first secured data type. 
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Claim 23 (original) A database system comprising: 

one or more storage modules to store data instances according to a secure 
user-defined data type, the secure user-defined data type defining security information 
and one or more security fimctions; and 

a controller adapted to receive a Structured Query Language query 
originated by a source for one of the data instances, the controller adapted to determine if 
the source is authorized to access the one data instance based on the security information, 

the controller adapted to fiirther invoke the one or more security functions 
to process the one data instance. 
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